Jump to content

.zip (top-level domain)

From Wikipedia, the free encyclopedia
.zip
Introduced2014
TLD typeGeneric top-level domain

.zip is a top-level domain name operated by Google.[1] .zip is a generic top-level domain (gTLD) introduced under ICANN's new gTLD program. Approved as a part of the program, .zip became available to the general public on May 3, 2023.

The qualifier .zip is also associated with the widely recognized .zip file format, commonly used for file compression and archiving, and its approval as a gTLD received criticism for the security concerns that may arise as a consequence.

Security concerns

[edit]

Google opened registration for the .zip and .mov top-level domains to the general public on May 3, 2023. Its release was immediately met with condemnation from cyber security experts as a result of its similarity with the file format of the same name.[2][3] Malwarebytes warned against the use of already recognizable filenames and their confusion with top-level domains, as "plenty of users already have a clear idea that .zip means something completely different."[4] Experts cautioned against their use and noted the similarities between the .zip domain and the fact that cybercriminals have begun employing more malicious usage of .zip filetypes in cybercrime.[4] Cisco warned against the potential for leaks for personal identifying information.[5] Researchers also pointed out similar concerns with Google's .mov domain.[2][3]

Initial surverys by security researchers found numerous examples of links and domains registered being used in phishing attempts immediately following public release of domain registration and the ICSS recommended disabling access to .zip domains until "the dust settles and risks can be accessed."[6]

Usage

[edit]

Following its release to the general public, .zip domain registrations were one of the most popular new domains registered in summer of 2023, during the domain's landrush and early access period.[7] Security researchers noted high levels of phishing domains and high levels of redirection campaigns. Shortly after its release, some security vendors blocked access to .zip domains, and new domains under these TLDs began to be scrutinized more carefully.[7]

One month after its public release in June 2023, there were 13,796 .zip domains registered;[8] which has risen to over 14,000 as of November 2024.[9] Security researchers found that malicious use of the domain was approximately 0.20%, slightly below the global average of 0.22%. This was still higher than the abuse rate of 0.06% seen in European ccTLDs.[8]

See also

[edit]
  • Zip bomb – Malicious archive file designed to disrupt the program or system reading it

References

[edit]
  1. ^ ".zip Registry Agreement". www.icann.org.
  2. ^ a b Alcantara, Jan Michael (12 June 2023). ".Zip and .Mov Top Level Domain Abuse: One Month After Being Made Public". Netskope.
  3. ^ a b Newman, Lily Hay (21 May 2023). "The Real Risks in Google's New .Zip and .Mov Domains". Wired.
  4. ^ a b Stockley, Mark (17 May 2023). "Zip domains, a bad idea nobody asked for". Malwarebytes.
  5. ^ "".Zip" top-level domains draw potential for information leaks". Cisco Talos Blog. 13 June 2023.
  6. ^ Brinkmann, Martin (15 May 2023). "Google's .zip Top Level domain is already used in phishing attacks - gHacks Tech News".
  7. ^ a b Ramesh, Reethika; Chen, Zhanhao; Li, Wanjin; Liu, Daiping (30 August 2024). "TLD Tracker: Exploring Newly Released Top-Level Domains".
  8. ^ a b Deacon, Alex (July 17, 2023). "The .zip TLD: Ripe for abuse, but so far so good". DNS Research Federation.
  9. ^ ".zip | Top-Level Domain Breakdown". nTLDStats. Retrieved 18 November 2024.